OMV WEB GUI JAIL not working.

[TheIronboy]

The jail for the web gui of openmediavault doesn't work.

i noticed that the ip gets banned in the iptables, but i can still connect to the server and spam login requests.

this are the settings i used.

edit: i checked the logs, and it trows this error when an IP gets banned

fail2ban.actions [45354]: NOTICE [OMV-WebGUI-Jail] Ban 158.148.192.43

fail2ban.utils [45354]: ERROR 7f84e8cf10 -- exec: iptables -w -N f2b-OMV-WebGUI-Jail

fail2ban.utils [45354]: ERROR 7f84e8cf10 -- stderr: "iptables v1.8.7 (nf_tables): invalid port/service `' specified"

fail2ban.utils [45354]: ERROR 7f84e8cf10 -- stderr: "Try `iptables -h' or 'iptables --help' for more information."

fail2ban.utils [45354]: ERROR 7f84e8cf10 -- returned 2

fail2ban.actions [45354]: ERROR Failed to execute ban jail 'OMV-WebGUI-Jail' action 'iptables-multiport' info 'ActionInfo({'ip': '158.148.192.43', 'family': 'inet4', 'fid': at 0x7f86419160>, 'raw-ticket': at 0x7f86419820>})': Error starting action Jail('OMV-WebGUI-Jail')/iptables-multiport: 'Script error'

[ryecoaaron]

I'm not sure what is causing this. I get a different log when banning.

Nov 22 07:39:42 omv6dev openmediavault-webgui[2976414]: Unauthorized login attempt from 1.2.3.4 [username=asdsa, user-agent=Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36]

When I test the filter's regex, it seems fine.

sudo fail2ban-regex 'Nov 22 07:41:02 omv6dev openmediavault-webgui[2976463]: Authorized login from 1.2.3.4 [username=admin, user-agent=Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36]' '<HOST>'

Running tests
=============

Use   failregex line : <HOST>
Use      single line : Nov 22 07:41:02 omv6dev openmediavault-webgui[2976...

Results
=======

Failregex: 3 total
|-  #) [# of hits] regular expression
|   1) [3] <HOST>
`-

Ignoreregex: 0 total

Date template hits:
|- [# of hits] date format
|  [1] {^LN-BEG}(?:DAY )?MON Day %k:Minute:Second(?:\.Microseconds)?(?: ExYear)?
`-

Lines: 1 lines, 0 ignored, 1 matched, 0 missed
[processed in 0.01 sec]

So, someone who knows fail2ban better than I do (I don't use it) will have to help with this.

[TheIronboy]

it's the same log for me when i try to test the regex, i think there is something wrong in fail2ban, i already tried reinstalling and purging, but nothing works. what should i do now? thank you for the response :)

[ryecoaaron]

what should i do now?

Not sure. The fail2ban package on Debian 11/OMV 6.x hasn't been updated in over two years and the filter/jail in the plugin hasn't been changed in even longer. Post on the forum? File a bug report with Debian?

[TheIronboy]

BRUH, i literally found the problem accidentally, it's the space between the comma in "http, https" writing "http,https" fixed everything. thank you anyways, love your work <3

[ryecoaaron]

The code doesn't have the space in it - https://github.com/OpenMediaVault-Plugin-Developers/openmediavault-fail2ban/blob/master/usr/share/openmediavault/confdb/create.d/conf.service.fail2ban.sh#L105 - and neither does my dev system. Are you not getting any errors now?

[TheIronboy]

nope, works perfectly, i think i added the space for error. my fault :P